Commit bb4d9fd5 authored by Tejun Heo's avatar Tejun Heo
Browse files

sched_ext: scx_dsq_move() should validate the task belongs to the right scheduler 



scx_bpf_dsq_move[_vtime]() calls scx_dsq_move() to move task from a DSQ to
another. However, @p doesn't necessarily have to come form the containing
iteration and can thus be a task which belongs to another scx_sched. Verify
that @p is on the same scx_sched as the DSQ being iterated.

Signed-off-by: default avatarTejun Heo <tj@kernel.org>
Reviewed-by: default avatarAndrea Righi <arighi@nvidia.com>
parent 245d09c5

kernel/sched/ext.c

+6 −1
Original line number Diff line number Diff line
@@ -6718,8 +6718,8 @@ static const struct btf_kfunc_id_set scx_kfunc_set_enqueue_dispatch = { 
static bool scx_dsq_move(struct bpf_iter_scx_dsq_kern *kit,

			 struct task_struct *p, u64 dsq_id, u64 enq_flags)

{

	struct scx_sched *sch = scx_root;

	struct scx_dispatch_q *src_dsq = kit->dsq, *dst_dsq;

	struct scx_sched *sch = src_dsq->sched;

	struct rq *this_rq, *src_rq, *locked_rq;

	bool dispatched = false;

	bool in_balance;
@@ -6736,6 +6736,11 @@ static bool scx_dsq_move(struct bpf_iter_scx_dsq_kern *kit, 
	if (unlikely(READ_ONCE(scx_aborting)))

		return false;



	if (unlikely(!scx_task_on_sched(sch, p))) {

		scx_error(sch, "scx_bpf_dsq_move[_vtime]() on %s[%d] but the task belongs to a different scheduler",

			  p->comm, p->pid);

	}



	/*

	 * Can be called from either ops.dispatch() locking this_rq() or any

	 * context where no rq lock is held. If latter, lock @p's task_rq which